Juniper Secure Development Life Cycle (SDL)
is a process for developing products that are secure and resilient.
Juniper’s SDL program is made up of six core practices.
Secure
Coding training is the first step in implementing the Secure
Development Life Cycle. All software developers at Juniper are required
to take this training, which is foundational for building more resilient
software. Training is provided in multiple coding languages, with
developers taking the appropriate course.
Secure Coding training covers fundamental concepts related to secure coding, secure design, secure testing, and privacy.
Juniper believes that everyone involved in
software development is responsible for the security of software
products. This includes managers, program managers, testers, and IT
personnel. With this in mind, secure development lifecycle training is
available to all employees 24 hours a day, 7 days a week, and it offers a
range of additional training covering secure coding fundamentals.
SDL
Practice 2 defines the security-related steps that Juniper engineers
and product managers must undertake in the planning phase of product
development. During this phase, engineers and product managers are
required to formally address security risks in Juniper planning
documents like functional specifications and product requirements
documents.
Threat
modeling evaluates potential threats to a product. Threat modeling
determines risks from those threats and sets the boundaries for a range
of appropriate mitigations.
Threat models help developers define product
attack surfaces, meaning the breadth and depth of exposure to
compromise. For example, a weak password can be exploited by a brute
force attack, or the use of a predictable TCP/IP ephemeral port may
allow an attacker to mount a TCP reset attack.
Threat modeling builds a framework for deeper security evaluation by identifying and enumerating issues.
Once
a product’s security posture has been defined, Juniper’s SDL calls for
the evaluation and validation of the security risks through penetration
testing. Penetration testing is a security evaluation methodology in
which ethical hackers mimic real-world attacks to identify methods for
circumventing the security features of an application, system, or
network. It involves launching real attacks on test systems, using tools
and techniques commonly used by adversaries.
Penetration testing makes use of the threat
model to devise a penetration test plan based on enumerated attack
surfaces and threats.
The
release security review is the examination of a product’s security
posture prior to its release with the goal of identifying and evaluating
remaining security risks and the findings from all parts of the SDL.
The result should be a big picture of the security posture of not just
the software release, but the people, systems, and processes that
produced it and have to support it over its lifecycle.
Products
released with no known vulnerabilities can become subject to threats
over time. The incident response plan outlines how Juniper responds to
potential product vulnerabilities and how these threats and mitigations
are communicated to customers.
This practice builds on Juniper’s
industry-respected Juniper Networks Security Incident Response Team
(Juniper SIRT) framework for responding to security issues. In
responding to security incidents, the plan relies on existing SIRT
tools, best practices, processes, and relationships.
